mirror of https://github.com/spiffe/spiffe-csi.git
Compare commits
No commits in common. "main" and "v0.2.3" have entirely different histories.
|
|
@ -4,25 +4,7 @@ updates:
|
|||
directory: "/"
|
||||
schedule:
|
||||
interval: daily
|
||||
groups:
|
||||
actions:
|
||||
patterns:
|
||||
- "github.com/actions/*"
|
||||
k8s.io:
|
||||
patterns:
|
||||
- "k8s.io/*"
|
||||
sigs.k8s.io:
|
||||
patterns:
|
||||
- "sig.k8s.io/*"
|
||||
open-pull-requests-limit: 5
|
||||
- package-ecosystem: gomod
|
||||
directory: "test/workload"
|
||||
schedule:
|
||||
interval: "daily"
|
||||
- package-ecosystem: gomod
|
||||
directory: "example/workload"
|
||||
schedule:
|
||||
interval: "daily"
|
||||
- package-ecosystem: "github-actions"
|
||||
directory: "/"
|
||||
schedule:
|
||||
|
|
|
|||
|
|
@ -1,20 +0,0 @@
|
|||
name: DCO
|
||||
on:
|
||||
pull_request:
|
||||
merge_group:
|
||||
push:
|
||||
branches:
|
||||
- master
|
||||
jobs:
|
||||
check_dco:
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
contents: read
|
||||
name: Check DCO
|
||||
steps:
|
||||
- name: Run dco-check
|
||||
uses: christophebedard/dco-check@7b0205d25ead0f898e0b706b58227dd5fa7e3f55 # 0.5.0
|
||||
with:
|
||||
args: --exclude-pattern 'dependabot\[bot\]@users\.noreply\.github\.com'
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
|
@ -19,17 +19,17 @@ jobs:
|
|||
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v3.5.2
|
||||
uses: actions/checkout@v3
|
||||
- name: Install cosign
|
||||
uses: sigstore/cosign-installer@fb28c2b6339dcd94da6e4cbcbc5e888961f6f8c3 # v3.9.0
|
||||
uses: sigstore/cosign-installer@v2.8.1
|
||||
with:
|
||||
cosign-release: v2.2.3
|
||||
cosign-release: v1.13.1
|
||||
- name: Install regctl
|
||||
uses: regclient/actions/regctl-installer@b6614f5f56245066b533343a85f4109bdc38c8cc # main
|
||||
- name: Build images
|
||||
uses: regclient/actions/regctl-installer@main
|
||||
- name: Build image
|
||||
run: make docker-build
|
||||
- name: Log in to GHCR
|
||||
uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
registry: ghcr.io
|
||||
username: ${{ github.actor }}
|
||||
|
|
|
|||
|
|
@ -1,8 +1,7 @@
|
|||
name: PR Build
|
||||
on:
|
||||
pull_request:
|
||||
merge_group:
|
||||
workflow_dispatch:
|
||||
pull_request: {}
|
||||
workflow_dispatch: {}
|
||||
|
||||
jobs:
|
||||
validate:
|
||||
|
|
@ -13,11 +12,11 @@ jobs:
|
|||
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
|
||||
uses: actions/checkout@v3
|
||||
- name: Setup go
|
||||
uses: actions/setup-go@v5
|
||||
uses: actions/setup-go@v3
|
||||
with:
|
||||
go-version-file: 'go.mod'
|
||||
go-version: 1.20.1
|
||||
- name: Lint
|
||||
run: make lint
|
||||
- name: Test
|
||||
|
|
@ -31,19 +30,19 @@ jobs:
|
|||
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
|
||||
uses: actions/checkout@v3
|
||||
- name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v3
|
||||
uses: docker/setup-qemu-action@v2
|
||||
- name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v3
|
||||
uses: docker/setup-buildx-action@v2
|
||||
- name: Install regctl
|
||||
uses: regclient/actions/regctl-installer@b6614f5f56245066b533343a85f4109bdc38c8cc # main
|
||||
uses: regclient/actions/regctl-installer@main
|
||||
- name: Build image
|
||||
run: make docker-build
|
||||
- name: Export images
|
||||
run: tar -czvf images.tar.gz *-image.tar
|
||||
- name: Archive images
|
||||
uses: actions/upload-artifact@v4
|
||||
uses: actions/upload-artifact@v3
|
||||
with:
|
||||
name: images
|
||||
path: images.tar.gz
|
||||
|
|
@ -63,17 +62,19 @@ jobs:
|
|||
# Kubernetes, but can go back farther as long as we don't need heroics
|
||||
# to pull it off (i.e. kubectl version juggling).
|
||||
k8s-version:
|
||||
- v1.32.2
|
||||
- v1.31.6
|
||||
- v1.30.10
|
||||
- v1.29.14
|
||||
- v1.25.3
|
||||
- v1.24.7
|
||||
- v1.23.13
|
||||
- v1.22.15
|
||||
- v1.21.14
|
||||
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
|
||||
uses: actions/checkout@v3
|
||||
- name: Install regctl
|
||||
uses: regclient/actions/regctl-installer@b6614f5f56245066b533343a85f4109bdc38c8cc # main
|
||||
uses: regclient/actions/regctl-installer@main
|
||||
- name: Download archived images
|
||||
uses: actions/download-artifact@v4
|
||||
uses: actions/download-artifact@v3
|
||||
with:
|
||||
name: images
|
||||
path: .
|
||||
|
|
|
|||
|
|
@ -13,11 +13,11 @@ jobs:
|
|||
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
|
||||
uses: actions/checkout@v3
|
||||
- name: Setup go
|
||||
uses: actions/setup-go@v5
|
||||
uses: actions/setup-go@v3
|
||||
with:
|
||||
go-version-file: 'go.mod'
|
||||
go-version: 1.20.1
|
||||
- name: Lint
|
||||
run: make lint
|
||||
- name: Test
|
||||
|
|
@ -31,19 +31,19 @@ jobs:
|
|||
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
|
||||
uses: actions/checkout@v3
|
||||
- name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v3
|
||||
uses: docker/setup-qemu-action@v2
|
||||
- name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v3
|
||||
uses: docker/setup-buildx-action@v2
|
||||
- name: Install regctl
|
||||
uses: regclient/actions/regctl-installer@b6614f5f56245066b533343a85f4109bdc38c8cc # main
|
||||
uses: regclient/actions/regctl-installer@main
|
||||
- name: Build image
|
||||
run: make docker-build
|
||||
- name: Export images
|
||||
run: tar -czvf images.tar.gz *-image.tar
|
||||
- name: Archive images
|
||||
uses: actions/upload-artifact@v4
|
||||
uses: actions/upload-artifact@v3
|
||||
with:
|
||||
name: images
|
||||
path: images.tar.gz
|
||||
|
|
@ -63,17 +63,18 @@ jobs:
|
|||
# Kubernetes, but can go back farther as long as we don't need heroics
|
||||
# to pull it off (i.e. kubectl version juggling).
|
||||
k8s-version:
|
||||
- v1.32.2
|
||||
- v1.31.6
|
||||
- v1.30.10
|
||||
- v1.29.14
|
||||
- v1.25.3
|
||||
- v1.24.7
|
||||
- v1.23.13
|
||||
- v1.22.15
|
||||
- v1.21.14
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
|
||||
uses: actions/checkout@v3
|
||||
- name: Install regctl
|
||||
uses: regclient/actions/regctl-installer@b6614f5f56245066b533343a85f4109bdc38c8cc # main
|
||||
uses: regclient/actions/regctl-installer@main
|
||||
- name: Download archived images
|
||||
uses: actions/download-artifact@v4
|
||||
uses: actions/download-artifact@v3
|
||||
with:
|
||||
name: images
|
||||
path: .
|
||||
|
|
@ -98,20 +99,20 @@ jobs:
|
|||
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
|
||||
uses: actions/checkout@v3
|
||||
- name: Install cosign
|
||||
uses: sigstore/cosign-installer@fb28c2b6339dcd94da6e4cbcbc5e888961f6f8c3 # v3.9.0
|
||||
uses: sigstore/cosign-installer@v2.8.1
|
||||
with:
|
||||
cosign-release: v2.2.3
|
||||
cosign-release: v1.13.1
|
||||
- name: Install regctl
|
||||
uses: regclient/actions/regctl-installer@b6614f5f56245066b533343a85f4109bdc38c8cc # main
|
||||
uses: regclient/actions/regctl-installer@main
|
||||
- name: Download archived images
|
||||
uses: actions/download-artifact@v4
|
||||
uses: actions/download-artifact@v3
|
||||
with:
|
||||
name: images
|
||||
path: .
|
||||
- name: Log in to GHCR
|
||||
uses: docker/login-action@v3
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
registry: ghcr.io
|
||||
username: ${{ github.actor }}
|
||||
|
|
|
|||
|
|
@ -62,4 +62,4 @@ regctl image import "ocidir://${oci_dir}" "${image}-image.tar"
|
|||
regctl image copy "ocidir://${oci_dir}" "${image_to_push}"
|
||||
|
||||
image_digest="$(jq -r '.manifests[0].digest' "${oci_dir}/index.json")"
|
||||
cosign sign -y "${registry}/${image}@${image_digest}"
|
||||
cosign sign "${registry}/${image}@${image_digest}"
|
||||
|
|
|
|||
|
|
@ -5,12 +5,12 @@ run:
|
|||
linters:
|
||||
enable:
|
||||
- bodyclose
|
||||
- depguard
|
||||
- durationcheck
|
||||
- errorlint
|
||||
- goimports
|
||||
- revive
|
||||
- gosec
|
||||
- nakedret
|
||||
- misspell
|
||||
- nolintlint
|
||||
- nakedret
|
||||
|
|
@ -18,7 +18,6 @@ linters:
|
|||
- unparam
|
||||
- whitespace
|
||||
- gocritic
|
||||
- nolintlint
|
||||
|
||||
linters-settings:
|
||||
revive:
|
||||
|
|
|
|||
24
CHANGELOG.md
24
CHANGELOG.md
|
|
@ -1,29 +1,5 @@
|
|||
# Changelog
|
||||
|
||||
## [0.2.7] - 2025-03-20
|
||||
|
||||
### Changed
|
||||
|
||||
- Dependency updates
|
||||
|
||||
## [0.2.6] - 2024-04-10
|
||||
|
||||
### Security
|
||||
|
||||
- Updated Golang to 1.22.2 and google.golang.org/grpc to v1.63.2 in order to address CVE-2023-45288 (#181)
|
||||
|
||||
## [0.2.5] - 2024-01-23
|
||||
|
||||
### Fixed
|
||||
|
||||
- The unmount operation now allows pods to terminate properly after a node reboot (#161)
|
||||
|
||||
## [0.2.4] - 2023-11-02
|
||||
|
||||
### Security
|
||||
|
||||
- Updated to google.golang.org/grpc v1.59.0 to address CVE-2023-44487
|
||||
|
||||
## [0.2.3] - 2023-02-24
|
||||
|
||||
### Changed
|
||||
|
|
|
|||
|
|
@ -1,5 +1,8 @@
|
|||
# Build the SPIFFE CSI Driver binary
|
||||
FROM --platform=${BUILDPLATFORM} golang:1.24.0-alpine AS base
|
||||
FROM --platform=${BUILDPLATFORM} golang:1.20.1-alpine AS base
|
||||
ARG GIT_TAG
|
||||
ARG GIT_COMMIT
|
||||
ARG GIT_DIRTY
|
||||
WORKDIR /code
|
||||
RUN apk --no-cache --update add make
|
||||
COPY go.* ./
|
||||
|
|
@ -12,7 +15,7 @@ COPY . .
|
|||
# crane digest tonistiigi/xx:1.1.2
|
||||
FROM --platform=${BUILDPLATFORM} tonistiigi/xx@sha256:9dde7edeb9e4a957ce78be9f8c0fbabe0129bf5126933cd3574888f443731cda AS xx
|
||||
|
||||
FROM --platform=${BUILDPLATFORM} base AS builder
|
||||
FROM --platform=${BUILDPLATFORM} base as builder
|
||||
ARG TARGETPLATFORM
|
||||
ARG TARGETARCH
|
||||
ENV CGO_ENABLED=0
|
||||
|
|
@ -20,7 +23,7 @@ COPY --link --from=xx / /
|
|||
RUN xx-go --wrap
|
||||
RUN --mount=type=cache,target=/root/.cache/go-build \
|
||||
--mount=type=cache,target=/go/pkg/mod \
|
||||
make build
|
||||
make GIT_TAG="${GIT_TAG}" GIT_COMMIT="${GIT_COMMIT}" GIT_DIRTY="${GIT_DIRTY}" build
|
||||
|
||||
# Build a scratch image with just the SPIFFE CSI driver binary
|
||||
FROM scratch AS spiffe-csi-driver
|
||||
|
|
|
|||
28
Makefile
28
Makefile
|
|
@ -20,8 +20,6 @@ ifeq ($(arch1),x86_64)
|
|||
arch2=amd64
|
||||
else ifeq ($(arch1),aarch64)
|
||||
arch2=arm64
|
||||
else ifeq ($(arch1),arm64)
|
||||
arch2=arm64
|
||||
else
|
||||
$(error unsupported ARCH: $(arch1))
|
||||
endif
|
||||
|
|
@ -36,11 +34,30 @@ PLATFORMS ?= linux/amd64,linux/arm64
|
|||
|
||||
build_dir := $(DIR)/.build/$(os1)-$(arch1)
|
||||
|
||||
golangci_lint_version = v1.64.5
|
||||
golangci_lint_version = v1.51.2
|
||||
golangci_lint_dir = $(build_dir)/golangci_lint/$(golangci_lint_version)
|
||||
golangci_lint_bin = $(golangci_lint_dir)/golangci-lint
|
||||
golangci_lint_cache = $(golangci_lint_dir)/cache
|
||||
|
||||
# There may be more than one tag. Only use one that starts with 'v' followed by
|
||||
# a number, e.g., v0.9.3.
|
||||
git_tag = $(shell git tag --points-at HEAD | grep '^v[0-9]*')
|
||||
git_commit = $(shell git rev-parse --short=7 HEAD)
|
||||
git_dirty = $(if $(shell git status -s),true,)
|
||||
|
||||
# The ldflags are only influenced by the GIT_* variables passed in as Makefile
|
||||
# arguments. These are normally only passed by the Dockerfile.
|
||||
go_ldflags := -s -w
|
||||
ifneq ($(GIT_TAG),)
|
||||
go_ldflags += -X github.com/spiffe/spiffe-csi/internal/version.gitTag=$(GIT_TAG)
|
||||
endif
|
||||
ifneq ($(GIT_COMMIT),)
|
||||
go_ldflags += -X github.com/spiffe/spiffe-csi/internal/version.gitCommit=$(GIT_COMMIT)
|
||||
endif
|
||||
ifneq ($(GIT_DIRTY),)
|
||||
go_ldflags += -X github.com/spiffe/spiffe-csi/internal/version.gitDirty=$(GIT_DIRTY)
|
||||
endif
|
||||
|
||||
.PHONY: FORCE
|
||||
FORCE: ;
|
||||
|
||||
|
|
@ -57,6 +74,9 @@ docker-build: $(addsuffix -image.tar,$(BINARIES))
|
|||
spiffe-csi-driver-image.tar: Dockerfile FORCE | container-builder
|
||||
docker buildx build \
|
||||
--platform $(PLATFORMS) \
|
||||
--build-arg GIT_TAG=$(git_tag:v%=%) \
|
||||
--build-arg GIT_COMMIT=$(git_commit) \
|
||||
--build-arg GIT_DIRTY=$(git_dirty) \
|
||||
--target spiffe-csi-driver \
|
||||
-o type=oci,dest=$@ \
|
||||
.
|
||||
|
|
@ -65,7 +85,7 @@ spiffe-csi-driver-image.tar: Dockerfile FORCE | container-builder
|
|||
build: $(addprefix bin/,$(BINARIES))
|
||||
|
||||
bin/%: cmd/% FORCE
|
||||
CGO_ENABLED=0 go build -o $@ ./$<
|
||||
CGO_ENABLED=0 go build -ldflags '$(go_ldflags)' -o $@ ./$<
|
||||
|
||||
.PHONY: test
|
||||
test:
|
||||
|
|
|
|||
|
|
@ -29,7 +29,7 @@ spec:
|
|||
containers:
|
||||
# This is the container which runs the SPIFFE CSI driver.
|
||||
- name: spiffe-csi-driver
|
||||
image: ghcr.io/spiffe/spiffe-csi-driver:0.2.6
|
||||
image: ghcr.io/spiffe/spiffe-csi-driver:0.2.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
args: [
|
||||
"-workload-api-socket-dir", "/spire-agent-socket",
|
||||
|
|
|
|||
|
|
@ -102,7 +102,7 @@ spec:
|
|||
serviceAccountName: spire-agent
|
||||
containers:
|
||||
- name: spire-agent
|
||||
image: ghcr.io/spiffe/spire-agent:1.8.0
|
||||
image: ghcr.io/spiffe/spire-agent:1.1.1
|
||||
imagePullPolicy: IfNotPresent
|
||||
args: ["-config", "/run/spire/config/agent.conf"]
|
||||
volumeMounts:
|
||||
|
|
|
|||
|
|
@ -105,6 +105,7 @@ data:
|
|||
trust_domain = "example.org"
|
||||
data_dir = "/run/spire/data"
|
||||
log_level = "DEBUG"
|
||||
default_svid_ttl = "1h"
|
||||
ca_ttl = "12h"
|
||||
ca_subject {
|
||||
country = ["US"]
|
||||
|
|
@ -177,7 +178,7 @@ spec:
|
|||
shareProcessNamespace: true
|
||||
containers:
|
||||
- name: spire-server
|
||||
image: ghcr.io/spiffe/spire-server:1.8.0
|
||||
image: ghcr.io/spiffe/spire-server:1.1.1
|
||||
imagePullPolicy: IfNotPresent
|
||||
args: ["-config", "/run/spire/config/server.conf"]
|
||||
ports:
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
FROM golang:1.24.0-alpine
|
||||
FROM golang:1.17-alpine
|
||||
|
||||
WORKDIR /app
|
||||
|
||||
|
|
|
|||
|
|
@ -1,18 +1,21 @@
|
|||
module workload
|
||||
|
||||
go 1.24.0
|
||||
go 1.20
|
||||
|
||||
require github.com/spiffe/go-spiffe/v2 v2.5.0
|
||||
require github.com/spiffe/go-spiffe/v2 v2.1.2
|
||||
|
||||
require (
|
||||
github.com/Microsoft/go-winio v0.6.2 // indirect
|
||||
github.com/go-jose/go-jose/v4 v4.0.4 // indirect
|
||||
github.com/zeebo/errs v1.4.0 // indirect
|
||||
golang.org/x/crypto v0.31.0 // indirect
|
||||
golang.org/x/net v0.33.0 // indirect
|
||||
golang.org/x/sys v0.28.0 // indirect
|
||||
golang.org/x/text v0.21.0 // indirect
|
||||
google.golang.org/genproto/googleapis/rpc v0.0.0-20241202173237-19429a94021a // indirect
|
||||
google.golang.org/grpc v1.70.0 // indirect
|
||||
google.golang.org/protobuf v1.36.1 // indirect
|
||||
github.com/Microsoft/go-winio v0.6.0 // indirect
|
||||
github.com/golang/protobuf v1.5.2 // indirect
|
||||
github.com/zeebo/errs v1.3.0 // indirect
|
||||
golang.org/x/crypto v0.6.0 // indirect
|
||||
golang.org/x/mod v0.8.0 // indirect
|
||||
golang.org/x/net v0.7.0 // indirect
|
||||
golang.org/x/sys v0.5.0 // indirect
|
||||
golang.org/x/text v0.7.0 // indirect
|
||||
golang.org/x/tools v0.6.0 // indirect
|
||||
google.golang.org/genproto v0.0.0-20230222225845-10f96fb3dbec // indirect
|
||||
google.golang.org/grpc v1.53.0 // indirect
|
||||
google.golang.org/protobuf v1.28.1 // indirect
|
||||
gopkg.in/square/go-jose.v2 v2.6.0 // indirect
|
||||
)
|
||||
|
|
|
|||
|
|
@ -1,50 +1,39 @@
|
|||
github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY=
|
||||
github.com/Microsoft/go-winio v0.6.2/go.mod h1:yd8OoFMLzJbo9gZq8j5qaps8bJ9aShtEA8Ipt1oGCvU=
|
||||
github.com/Microsoft/go-winio v0.6.0 h1:slsWYD/zyx7lCXoZVlvQrj0hPTM1HI4+v1sIda2yDvg=
|
||||
github.com/Microsoft/go-winio v0.6.0/go.mod h1:cTAf44im0RAYeL23bpB+fzCyDH2MJiz2BO69KH/soAE=
|
||||
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
|
||||
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||
github.com/go-jose/go-jose/v4 v4.0.4 h1:VsjPI33J0SB9vQM6PLmNjoHqMQNGPiZ0rHL7Ni7Q6/E=
|
||||
github.com/go-jose/go-jose/v4 v4.0.4/go.mod h1:NKb5HO1EZccyMpiZNbdUw/14tiXNyUJh188dfnMCAfc=
|
||||
github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY=
|
||||
github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
|
||||
github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag=
|
||||
github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE=
|
||||
github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek=
|
||||
github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps=
|
||||
github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
|
||||
github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
|
||||
github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
|
||||
github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
|
||||
github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
|
||||
github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw=
|
||||
github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
|
||||
github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
|
||||
github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
|
||||
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
|
||||
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
|
||||
github.com/spiffe/go-spiffe/v2 v2.5.0 h1:N2I01KCUkv1FAjZXJMwh95KK1ZIQLYbPfhaxw8WS0hE=
|
||||
github.com/spiffe/go-spiffe/v2 v2.5.0/go.mod h1:P+NxobPc6wXhVtINNtFjNWGBTreew1GBUCwT2wPmb7g=
|
||||
github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA=
|
||||
github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
|
||||
github.com/zeebo/errs v1.4.0 h1:XNdoD/RRMKP7HD0UhJnIzUy74ISdGGxURlYG8HSWSfM=
|
||||
github.com/zeebo/errs v1.4.0/go.mod h1:sgbWHsvVuTPHcqJJGQ1WhI5KbWlHYz+2+2C/LSEtCw4=
|
||||
go.opentelemetry.io/otel v1.32.0 h1:WnBN+Xjcteh0zdk01SVqV55d/m62NJLJdIyb4y/WO5U=
|
||||
go.opentelemetry.io/otel v1.32.0/go.mod h1:00DCVSB0RQcnzlwyTfqtxSm+DRr9hpYrHjNGiBHVQIg=
|
||||
go.opentelemetry.io/otel/metric v1.32.0 h1:xV2umtmNcThh2/a/aCP+h64Xx5wsj8qqnkYZktzNa0M=
|
||||
go.opentelemetry.io/otel/metric v1.32.0/go.mod h1:jH7CIbbK6SH2V2wE16W05BHCtIDzauciCRLoc/SyMv8=
|
||||
go.opentelemetry.io/otel/sdk v1.32.0 h1:RNxepc9vK59A8XsgZQouW8ue8Gkb4jpWtJm9ge5lEG4=
|
||||
go.opentelemetry.io/otel/sdk v1.32.0/go.mod h1:LqgegDBjKMmb2GC6/PrTnteJG39I8/vJCAP9LlJXEjU=
|
||||
go.opentelemetry.io/otel/sdk/metric v1.32.0 h1:rZvFnvmvawYb0alrYkjraqJq0Z4ZUJAiyYCU9snn1CU=
|
||||
go.opentelemetry.io/otel/sdk/metric v1.32.0/go.mod h1:PWeZlq0zt9YkYAp3gjKZ0eicRYvOh1Gd+X99x6GHpCQ=
|
||||
go.opentelemetry.io/otel/trace v1.32.0 h1:WIC9mYrXf8TmY/EXuULKc8hR17vE+Hjv2cssQDe03fM=
|
||||
go.opentelemetry.io/otel/trace v1.32.0/go.mod h1:+i4rkvCraA+tG6AzwloGaCtkx53Fa+L+V8e9a7YvhT8=
|
||||
golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U=
|
||||
golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk=
|
||||
golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I=
|
||||
golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4=
|
||||
golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA=
|
||||
golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
|
||||
golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo=
|
||||
golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ=
|
||||
google.golang.org/genproto/googleapis/rpc v0.0.0-20241202173237-19429a94021a h1:hgh8P4EuoxpsuKMXX/To36nOFD7vixReXgn8lPGnt+o=
|
||||
google.golang.org/genproto/googleapis/rpc v0.0.0-20241202173237-19429a94021a/go.mod h1:5uTbfoYQed2U9p3KIj2/Zzm02PYhndfdmML0qC3q3FU=
|
||||
google.golang.org/grpc v1.70.0 h1:pWFv03aZoHzlRKHWicjsZytKAiYCtNS0dHbXnIdq7jQ=
|
||||
google.golang.org/grpc v1.70.0/go.mod h1:ofIJqVKDXx/JiXrwr2IG4/zwdH9txy3IlF40RmcJSQw=
|
||||
google.golang.org/protobuf v1.36.1 h1:yBPeRvTftaleIgM3PZ/WBIZ7XM/eEYAaEyCwvyjq/gk=
|
||||
google.golang.org/protobuf v1.36.1/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
|
||||
github.com/spiffe/go-spiffe/v2 v2.1.2 h1:nfNwopOP7q0qsWU6AUASqmbtYViwHA6vuHyAtqFJtNc=
|
||||
github.com/spiffe/go-spiffe/v2 v2.1.2/go.mod h1:cbQmFrxsOpbm5tWURAYip9ZK0dOSFeoFG3/5Ub9Hvy0=
|
||||
github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk=
|
||||
github.com/zeebo/errs v1.3.0 h1:hmiaKqgYZzcVgRL1Vkc1Mn2914BbzB0IBxs+ebeutGs=
|
||||
github.com/zeebo/errs v1.3.0/go.mod h1:sgbWHsvVuTPHcqJJGQ1WhI5KbWlHYz+2+2C/LSEtCw4=
|
||||
golang.org/x/crypto v0.6.0 h1:qfktjS5LUO+fFKeJXZ+ikTRijMmljikvG68fpMMruSc=
|
||||
golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58=
|
||||
golang.org/x/mod v0.8.0 h1:LUYupSeNrTNCGzR/hVBk2NHZO4hXcVaW1k4Qx7rjPx8=
|
||||
golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
|
||||
golang.org/x/net v0.7.0 h1:rJrUqqhjsgNp7KqAIc25s9pZnjU7TUcSY7HcVZjdn1g=
|
||||
golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
|
||||
golang.org/x/sync v0.1.0 h1:wsuoTGHzEhffawBOhz5CYhcrV4IdKZbEyZjBMuTp12o=
|
||||
golang.org/x/sys v0.5.0 h1:MUK/U/4lj1t1oPg0HfuXDN/Z1wv31ZJ/YcPiGccS4DU=
|
||||
golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/text v0.7.0 h1:4BRB4x83lYWy72KwLD/qYDuTu7q9PjSagHvijDw7cLo=
|
||||
golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
|
||||
golang.org/x/tools v0.6.0 h1:BOw41kyTf3PuCW1pVQf8+Cyg8pMlkYB1oo9iJ6D/lKM=
|
||||
golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
|
||||
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||
google.golang.org/genproto v0.0.0-20230222225845-10f96fb3dbec h1:6rwgChOSUfpzJF2/KnLgo+gMaxGpujStSkPWrbhXArU=
|
||||
google.golang.org/genproto v0.0.0-20230222225845-10f96fb3dbec/go.mod h1:3Dl5ZL0q0isWJt+FVcfpQyirqemEuLAK/iFvg1UP1Hw=
|
||||
google.golang.org/grpc v1.53.0 h1:LAv2ds7cmFV/XTS3XG1NneeENYrXGmorPxsBbptIjNc=
|
||||
google.golang.org/grpc v1.53.0/go.mod h1:OnIrk0ipVdj4N5d9IUoFUx72/VlD7+jUsHwZgwSMQpw=
|
||||
google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
|
||||
google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
|
||||
google.golang.org/protobuf v1.28.1 h1:d0NfwRgPtno5B1Wa6L2DAG+KivqkdutMf1UhdNx175w=
|
||||
google.golang.org/protobuf v1.28.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
|
||||
gopkg.in/square/go-jose.v2 v2.6.0 h1:NGk74WTnPKBNUhNzQX7PYcTLUjoq7mzKk2OKbvwk2iI=
|
||||
gopkg.in/square/go-jose.v2 v2.6.0/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI=
|
||||
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
|
||||
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||
|
|
|
|||
29
go.mod
29
go.mod
|
|
@ -1,25 +1,26 @@
|
|||
module github.com/spiffe/spiffe-csi
|
||||
|
||||
go 1.24.0
|
||||
go 1.19
|
||||
|
||||
require (
|
||||
github.com/container-storage-interface/spec v1.11.0
|
||||
github.com/go-logr/logr v1.4.3
|
||||
github.com/go-logr/zapr v1.3.0
|
||||
github.com/google/go-cmp v0.7.0
|
||||
github.com/stretchr/testify v1.10.0
|
||||
go.uber.org/zap v1.27.0
|
||||
golang.org/x/sys v0.33.0
|
||||
google.golang.org/grpc v1.73.0
|
||||
google.golang.org/protobuf v1.36.6
|
||||
github.com/container-storage-interface/spec v1.7.0
|
||||
github.com/go-logr/logr v1.2.3
|
||||
github.com/go-logr/zapr v1.2.3
|
||||
github.com/stretchr/testify v1.8.1
|
||||
go.uber.org/zap v1.24.0
|
||||
golang.org/x/sys v0.5.0
|
||||
google.golang.org/grpc v1.53.0
|
||||
)
|
||||
|
||||
require (
|
||||
github.com/davecgh/go-spew v1.1.1 // indirect
|
||||
github.com/golang/protobuf v1.5.2 // indirect
|
||||
github.com/pmezard/go-difflib v1.0.0 // indirect
|
||||
go.uber.org/multierr v1.11.0 // indirect
|
||||
golang.org/x/net v0.38.0 // indirect
|
||||
golang.org/x/text v0.23.0 // indirect
|
||||
google.golang.org/genproto/googleapis/rpc v0.0.0-20250324211829-b45e905df463 // indirect
|
||||
go.uber.org/atomic v1.10.0 // indirect
|
||||
go.uber.org/multierr v1.9.0 // indirect
|
||||
golang.org/x/net v0.7.0 // indirect
|
||||
golang.org/x/text v0.7.0 // indirect
|
||||
google.golang.org/genproto v0.0.0-20230222225845-10f96fb3dbec // indirect
|
||||
google.golang.org/protobuf v1.28.1 // indirect
|
||||
gopkg.in/yaml.v3 v3.0.1 // indirect
|
||||
)
|
||||
|
|
|
|||
122
go.sum
122
go.sum
|
|
@ -1,54 +1,82 @@
|
|||
github.com/container-storage-interface/spec v1.11.0 h1:H/YKTOeUZwHtyPOr9raR+HgFmGluGCklulxDYxSdVNM=
|
||||
github.com/container-storage-interface/spec v1.11.0/go.mod h1:DtUvaQszPml1YJfIK7c00mlv6/g4wNMLanLgiUbKFRI=
|
||||
github.com/benbjohnson/clock v1.1.0 h1:Q92kusRqC1XV2MjkWETPvjJVqKetz1OzxZB7mHJLju8=
|
||||
github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA=
|
||||
github.com/container-storage-interface/spec v1.7.0 h1:gW8eyFQUZWWrMWa8p1seJ28gwDoN5CVJ4uAbQ+Hdycw=
|
||||
github.com/container-storage-interface/spec v1.7.0/go.mod h1:JYuzLqr9VVNoDJl44xp/8fmCOvWPDKzuGTwCoklhuqk=
|
||||
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
|
||||
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||
github.com/go-logr/logr v1.4.3 h1:CjnDlHq8ikf6E492q6eKboGOC0T8CDaOvkHCIg8idEI=
|
||||
github.com/go-logr/logr v1.4.3/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
|
||||
github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag=
|
||||
github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE=
|
||||
github.com/go-logr/zapr v1.3.0 h1:XGdV8XW8zdwFiwOA2Dryh1gj2KRQyOOoNmBy4EplIcQ=
|
||||
github.com/go-logr/zapr v1.3.0/go.mod h1:YKepepNBd1u/oyhd/yQmtjVXmm9uML4IXUgMOwR8/Gg=
|
||||
github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek=
|
||||
github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps=
|
||||
github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8=
|
||||
github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU=
|
||||
github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
|
||||
github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
|
||||
github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
|
||||
github.com/go-logr/logr v1.2.3 h1:2DntVwHkVopvECVRSlL5PSo9eG+cAkDCuckLubN+rq0=
|
||||
github.com/go-logr/logr v1.2.3/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
|
||||
github.com/go-logr/zapr v1.2.3 h1:a9vnzlIBPQBBkeaR9IuMUfmVOrQlkoC4YfPoFkX3T7A=
|
||||
github.com/go-logr/zapr v1.2.3/go.mod h1:eIauM6P8qSvTw5o2ez6UEAfGjQKrxQTl5EoK+Qa2oG4=
|
||||
github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
|
||||
github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw=
|
||||
github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
|
||||
github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
|
||||
github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
|
||||
github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI=
|
||||
github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
|
||||
github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
|
||||
github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE=
|
||||
github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
|
||||
github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
|
||||
github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
|
||||
github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
|
||||
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
|
||||
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
|
||||
github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA=
|
||||
github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
|
||||
go.opentelemetry.io/auto/sdk v1.1.0 h1:cH53jehLUN6UFLY71z+NDOiNJqDdPRaXzTel0sJySYA=
|
||||
go.opentelemetry.io/auto/sdk v1.1.0/go.mod h1:3wSPjt5PWp2RhlCcmmOial7AvC4DQqZb7a7wCow3W8A=
|
||||
go.opentelemetry.io/otel v1.35.0 h1:xKWKPxrxB6OtMCbmMY021CqC45J+3Onta9MqjhnusiQ=
|
||||
go.opentelemetry.io/otel v1.35.0/go.mod h1:UEqy8Zp11hpkUrL73gSlELM0DupHoiq72dR+Zqel/+Y=
|
||||
go.opentelemetry.io/otel/metric v1.35.0 h1:0znxYu2SNyuMSQT4Y9WDWej0VpcsxkuklLa4/siN90M=
|
||||
go.opentelemetry.io/otel/metric v1.35.0/go.mod h1:nKVFgxBZ2fReX6IlyW28MgZojkoAkJGaE8CpgeAU3oE=
|
||||
go.opentelemetry.io/otel/sdk v1.35.0 h1:iPctf8iprVySXSKJffSS79eOjl9pvxV9ZqOWT0QejKY=
|
||||
go.opentelemetry.io/otel/sdk v1.35.0/go.mod h1:+ga1bZliga3DxJ3CQGg3updiaAJoNECOgJREo9KHGQg=
|
||||
go.opentelemetry.io/otel/sdk/metric v1.35.0 h1:1RriWBmCKgkeHEhM7a2uMjMUfP7MsOF5JpUCaEqEI9o=
|
||||
go.opentelemetry.io/otel/sdk/metric v1.35.0/go.mod h1:is6XYCUMpcKi+ZsOvfluY5YstFnhW0BidkR+gL+qN+w=
|
||||
go.opentelemetry.io/otel/trace v1.35.0 h1:dPpEfJu1sDIqruz7BHFG3c7528f6ddfSWfFDVt/xgMs=
|
||||
go.opentelemetry.io/otel/trace v1.35.0/go.mod h1:WUk7DtFp1Aw2MkvqGdwiXYDZZNvA/1J8o6xRXLrIkyc=
|
||||
go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto=
|
||||
go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE=
|
||||
go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0=
|
||||
go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y=
|
||||
go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8=
|
||||
go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E=
|
||||
golang.org/x/net v0.38.0 h1:vRMAPTMaeGqVhG5QyLJHqNDwecKTomGeqbnfZyKlBI8=
|
||||
golang.org/x/net v0.38.0/go.mod h1:ivrbrMbzFq5J41QOQh0siUuly180yBYtLp+CKbEaFx8=
|
||||
golang.org/x/sys v0.33.0 h1:q3i8TbbEz+JRD9ywIRlyRAQbM0qF7hu24q3teo2hbuw=
|
||||
golang.org/x/sys v0.33.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
|
||||
golang.org/x/text v0.23.0 h1:D71I7dUrlY+VX0gQShAThNGHFxZ13dGLBHQLVl1mJlY=
|
||||
golang.org/x/text v0.23.0/go.mod h1:/BLNzu4aZCJ1+kcD0DNRotWKage4q2rGVAg4o22unh4=
|
||||
google.golang.org/genproto/googleapis/rpc v0.0.0-20250324211829-b45e905df463 h1:e0AIkUUhxyBKh6ssZNrAMeqhA7RKUj42346d1y02i2g=
|
||||
google.golang.org/genproto/googleapis/rpc v0.0.0-20250324211829-b45e905df463/go.mod h1:qQ0YXyHHx3XkvlzUtpXDkS29lDSafHMZBAZDc03LQ3A=
|
||||
google.golang.org/grpc v1.73.0 h1:VIWSmpI2MegBtTuFt5/JWy2oXxtjJ/e89Z70ImfD2ok=
|
||||
google.golang.org/grpc v1.73.0/go.mod h1:50sbHOUqWoCQGI8V2HQLJM0B+LMlIUjNSZmow7EVBQc=
|
||||
google.golang.org/protobuf v1.36.6 h1:z1NpPI8ku2WgiWnf+t9wTPsn6eP1L7ksHUlkfLvd9xY=
|
||||
google.golang.org/protobuf v1.36.6/go.mod h1:jduwjTPXsFjZGTmRluh+L6NjiWu7pchiJ2/5YcXBHnY=
|
||||
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
|
||||
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
|
||||
github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
|
||||
github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
|
||||
github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
|
||||
github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
|
||||
github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
|
||||
github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
|
||||
github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
|
||||
github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk=
|
||||
github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
|
||||
go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc=
|
||||
go.uber.org/atomic v1.10.0 h1:9qC72Qh0+3MqyJbAn8YU5xVq1frD8bn3JtD2oXtafVQ=
|
||||
go.uber.org/atomic v1.10.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0=
|
||||
go.uber.org/goleak v1.1.10/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A=
|
||||
go.uber.org/goleak v1.1.11 h1:wy28qYRKZgnJTxGxvye5/wgWr1EKjmUDGYox5mGlRlI=
|
||||
go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU=
|
||||
go.uber.org/multierr v1.9.0 h1:7fIwc/ZtS0q++VgcfqFDxSBZVv/Xo49/SYnDFupUwlI=
|
||||
go.uber.org/multierr v1.9.0/go.mod h1:X2jQV1h+kxSjClGpnseKVIxpmcjrj7MNnI0bnlfKTVQ=
|
||||
go.uber.org/zap v1.19.0/go.mod h1:xg/QME4nWcxGxrpdeYfq7UvYrLh66cuVKdrbD1XF/NI=
|
||||
go.uber.org/zap v1.24.0 h1:FiJd5l1UOLj0wCgbSE0rwwXHzEdAZS6hiiSnxJN/D60=
|
||||
go.uber.org/zap v1.24.0/go.mod h1:2kMP+WWQ8aoFoedH3T2sq6iJ2yDWpHbP0f6MQbS9Gkg=
|
||||
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
|
||||
golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
|
||||
golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
|
||||
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
|
||||
golang.org/x/net v0.7.0 h1:rJrUqqhjsgNp7KqAIc25s9pZnjU7TUcSY7HcVZjdn1g=
|
||||
golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
|
||||
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||
golang.org/x/sys v0.5.0 h1:MUK/U/4lj1t1oPg0HfuXDN/Z1wv31ZJ/YcPiGccS4DU=
|
||||
golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
||||
golang.org/x/text v0.7.0 h1:4BRB4x83lYWy72KwLD/qYDuTu7q9PjSagHvijDw7cLo=
|
||||
golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
|
||||
golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
|
||||
golang.org/x/tools v0.0.0-20191108193012-7d206e10da11/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
|
||||
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||
google.golang.org/genproto v0.0.0-20230222225845-10f96fb3dbec h1:6rwgChOSUfpzJF2/KnLgo+gMaxGpujStSkPWrbhXArU=
|
||||
google.golang.org/genproto v0.0.0-20230222225845-10f96fb3dbec/go.mod h1:3Dl5ZL0q0isWJt+FVcfpQyirqemEuLAK/iFvg1UP1Hw=
|
||||
google.golang.org/grpc v1.53.0 h1:LAv2ds7cmFV/XTS3XG1NneeENYrXGmorPxsBbptIjNc=
|
||||
google.golang.org/grpc v1.53.0/go.mod h1:OnIrk0ipVdj4N5d9IUoFUx72/VlD7+jUsHwZgwSMQpw=
|
||||
google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
|
||||
google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
|
||||
google.golang.org/protobuf v1.28.1 h1:d0NfwRgPtno5B1Wa6L2DAG+KivqkdutMf1UhdNx175w=
|
||||
google.golang.org/protobuf v1.28.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
|
||||
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
||||
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY=
|
||||
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
||||
gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
||||
gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
||||
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||
gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
|
||||
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||
|
|
|
|||
|
|
@ -0,0 +1 @@
|
|||
0.2.3
|
||||
|
|
@ -1,17 +1,52 @@
|
|||
package version
|
||||
|
||||
import (
|
||||
"runtime/debug"
|
||||
_ "embed"
|
||||
"fmt"
|
||||
"strings"
|
||||
)
|
||||
|
||||
var version string
|
||||
var (
|
||||
//go:embed VERSION
|
||||
baseVersion string
|
||||
|
||||
// gitTag is set by the linker. If set, it must match baseVersion.
|
||||
gitTag string
|
||||
|
||||
// gitCommit is the git commit. Set by the linker.
|
||||
gitCommit string
|
||||
|
||||
// gitDirty is whether or not the git repo is dirty. Set by the linker.
|
||||
gitDirty string
|
||||
|
||||
// version holds the final calculated version
|
||||
version string
|
||||
)
|
||||
|
||||
func init() {
|
||||
bi, ok := debug.ReadBuildInfo()
|
||||
if !ok {
|
||||
panic("failed to read build information")
|
||||
baseVersion = strings.TrimSpace(baseVersion)
|
||||
gitTag = strings.TrimSpace(gitTag)
|
||||
gitCommit = strings.TrimSpace(gitCommit)
|
||||
version = baseVersion
|
||||
switch {
|
||||
case gitTag == "":
|
||||
// If this isn't a tagged build, then add -dev-<commit>
|
||||
// e.g. 0.1.0-dev-50f2eef
|
||||
version += "-dev"
|
||||
if gitCommit != "" {
|
||||
version += "-" + gitCommit
|
||||
}
|
||||
case gitTag != baseVersion:
|
||||
// If this is a tagged build, then the base version must match.
|
||||
panic(fmt.Errorf("mismatched version information: base=%q tag=%q", baseVersion, gitTag))
|
||||
default:
|
||||
version = gitTag
|
||||
}
|
||||
|
||||
// If the repo is dirty, append "-dirty"
|
||||
if gitDirty != "" {
|
||||
version += "-dirty"
|
||||
}
|
||||
version = bi.Main.Version
|
||||
}
|
||||
|
||||
func Version() string {
|
||||
|
|
|
|||
|
|
@ -0,0 +1,20 @@
|
|||
package version_test
|
||||
|
||||
import (
|
||||
"os"
|
||||
"strings"
|
||||
"testing"
|
||||
|
||||
"github.com/spiffe/spiffe-csi/internal/version"
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
||||
func Test(t *testing.T) {
|
||||
versionData, err := os.ReadFile("VERSION")
|
||||
require.NoError(t, err)
|
||||
|
||||
actual := version.Version()
|
||||
expectedPrefix := strings.TrimSpace(string(versionData))
|
||||
|
||||
require.True(t, strings.HasPrefix(actual, expectedPrefix), "version %q should have prefix %q", actual, expectedPrefix)
|
||||
}
|
||||
|
|
@ -61,19 +61,19 @@ func New(config Config) (*Driver, error) {
|
|||
// Identity Server
|
||||
/////////////////////////////////////////////////////////////////////////////
|
||||
|
||||
func (d *Driver) GetPluginInfo(context.Context, *csi.GetPluginInfoRequest) (*csi.GetPluginInfoResponse, error) {
|
||||
func (d *Driver) GetPluginInfo(ctx context.Context, req *csi.GetPluginInfoRequest) (*csi.GetPluginInfoResponse, error) {
|
||||
return &csi.GetPluginInfoResponse{
|
||||
Name: d.pluginName,
|
||||
VendorVersion: version.Version(),
|
||||
}, nil
|
||||
}
|
||||
|
||||
func (d *Driver) GetPluginCapabilities(context.Context, *csi.GetPluginCapabilitiesRequest) (*csi.GetPluginCapabilitiesResponse, error) {
|
||||
func (d *Driver) GetPluginCapabilities(ctx context.Context, req *csi.GetPluginCapabilitiesRequest) (*csi.GetPluginCapabilitiesResponse, error) {
|
||||
// Only the Node server is implemented. No other capabilities are available.
|
||||
return &csi.GetPluginCapabilitiesResponse{}, nil
|
||||
}
|
||||
|
||||
func (d *Driver) Probe(context.Context, *csi.ProbeRequest) (*csi.ProbeResponse, error) {
|
||||
func (d *Driver) Probe(ctx context.Context, req *csi.ProbeRequest) (*csi.ProbeResponse, error) {
|
||||
return &csi.ProbeResponse{}, nil
|
||||
}
|
||||
|
||||
|
|
@ -81,7 +81,7 @@ func (d *Driver) Probe(context.Context, *csi.ProbeRequest) (*csi.ProbeResponse,
|
|||
// Node Server implementation
|
||||
/////////////////////////////////////////////////////////////////////////////
|
||||
|
||||
func (d *Driver) NodePublishVolume(_ context.Context, req *csi.NodePublishVolumeRequest) (_ *csi.NodePublishVolumeResponse, err error) {
|
||||
func (d *Driver) NodePublishVolume(ctx context.Context, req *csi.NodePublishVolumeRequest) (_ *csi.NodePublishVolumeResponse, err error) {
|
||||
ephemeralMode := req.GetVolumeContext()["csi.storage.k8s.io/ephemeral"]
|
||||
|
||||
log := d.log.WithValues(
|
||||
|
|
@ -139,7 +139,7 @@ func (d *Driver) NodePublishVolume(_ context.Context, req *csi.NodePublishVolume
|
|||
return &csi.NodePublishVolumeResponse{}, nil
|
||||
}
|
||||
|
||||
func (d *Driver) NodeUnpublishVolume(_ context.Context, req *csi.NodeUnpublishVolumeRequest) (_ *csi.NodeUnpublishVolumeResponse, err error) {
|
||||
func (d *Driver) NodeUnpublishVolume(ctx context.Context, req *csi.NodeUnpublishVolumeRequest) (_ *csi.NodeUnpublishVolumeResponse, err error) {
|
||||
log := d.log.WithValues(
|
||||
logkeys.VolumeID, req.VolumeId,
|
||||
logkeys.TargetPath, req.TargetPath,
|
||||
|
|
@ -159,17 +159,10 @@ func (d *Driver) NodeUnpublishVolume(_ context.Context, req *csi.NodeUnpublishVo
|
|||
return nil, status.Error(codes.InvalidArgument, "request missing required target path")
|
||||
}
|
||||
|
||||
// Check if target is a valid mount and issue unmount request
|
||||
if ok, err := isMountPoint(req.TargetPath); err != nil {
|
||||
return nil, status.Errorf(codes.Internal, "unable to verify mount point %q: %v", req.TargetPath, err)
|
||||
} else if ok {
|
||||
if err := unmount(req.TargetPath); err != nil {
|
||||
return nil, status.Errorf(codes.Internal, "unable to unmount %q: %v", req.TargetPath, err)
|
||||
}
|
||||
if err := unmount(req.TargetPath); err != nil {
|
||||
return nil, status.Errorf(codes.Internal, "unable to unmount %q: %v", req.TargetPath, err)
|
||||
}
|
||||
|
||||
// Check and remove the mount path if present, report an error otherwise
|
||||
if err := os.Remove(req.TargetPath); err != nil && !errors.Is(err, os.ErrNotExist) {
|
||||
if err := os.Remove(req.TargetPath); err != nil {
|
||||
return nil, status.Errorf(codes.Internal, "unable to remove target path %q: %v", req.TargetPath, err)
|
||||
}
|
||||
|
||||
|
|
@ -178,7 +171,7 @@ func (d *Driver) NodeUnpublishVolume(_ context.Context, req *csi.NodeUnpublishVo
|
|||
return &csi.NodeUnpublishVolumeResponse{}, nil
|
||||
}
|
||||
|
||||
func (d *Driver) NodeGetCapabilities(context.Context, *csi.NodeGetCapabilitiesRequest) (*csi.NodeGetCapabilitiesResponse, error) {
|
||||
func (d *Driver) NodeGetCapabilities(ctx context.Context, req *csi.NodeGetCapabilitiesRequest) (*csi.NodeGetCapabilitiesResponse, error) {
|
||||
return &csi.NodeGetCapabilitiesResponse{
|
||||
Capabilities: []*csi.NodeServiceCapability{
|
||||
{
|
||||
|
|
@ -199,14 +192,14 @@ func (d *Driver) NodeGetCapabilities(context.Context, *csi.NodeGetCapabilitiesRe
|
|||
}, nil
|
||||
}
|
||||
|
||||
func (d *Driver) NodeGetInfo(context.Context, *csi.NodeGetInfoRequest) (*csi.NodeGetInfoResponse, error) {
|
||||
func (d *Driver) NodeGetInfo(ctx context.Context, req *csi.NodeGetInfoRequest) (*csi.NodeGetInfoResponse, error) {
|
||||
return &csi.NodeGetInfoResponse{
|
||||
NodeId: d.nodeID,
|
||||
MaxVolumesPerNode: 0,
|
||||
}, nil
|
||||
}
|
||||
|
||||
func (d *Driver) NodeGetVolumeStats(_ context.Context, req *csi.NodeGetVolumeStatsRequest) (*csi.NodeGetVolumeStatsResponse, error) {
|
||||
func (d *Driver) NodeGetVolumeStats(ctx context.Context, req *csi.NodeGetVolumeStatsRequest) (*csi.NodeGetVolumeStatsResponse, error) {
|
||||
log := d.log.WithValues(
|
||||
logkeys.VolumeID, req.VolumeId,
|
||||
logkeys.VolumePath, req.VolumePath,
|
||||
|
|
|
|||
|
|
@ -10,10 +10,10 @@ import (
|
|||
"path/filepath"
|
||||
"strings"
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/container-storage-interface/spec/lib/go/csi"
|
||||
"github.com/go-logr/logr"
|
||||
"github.com/google/go-cmp/cmp"
|
||||
"github.com/spiffe/spiffe-csi/internal/version"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
|
|
@ -21,18 +21,10 @@ import (
|
|||
"google.golang.org/grpc/codes"
|
||||
"google.golang.org/grpc/credentials/insecure"
|
||||
"google.golang.org/grpc/status"
|
||||
"google.golang.org/protobuf/proto"
|
||||
"google.golang.org/protobuf/testing/protocmp"
|
||||
)
|
||||
|
||||
const (
|
||||
testNodeID = "nodeID"
|
||||
unmountFailureTest = "unmount failure"
|
||||
isMountFailureTest = "isMount failure"
|
||||
)
|
||||
|
||||
var (
|
||||
testDescription string
|
||||
testNodeID = "nodeID"
|
||||
)
|
||||
|
||||
func init() {
|
||||
|
|
@ -42,17 +34,6 @@ func init() {
|
|||
unmount = func(dst string) error {
|
||||
return os.Remove(metaPath(dst))
|
||||
}
|
||||
isMountPoint = func(string) (bool, error) {
|
||||
if testDescription == unmountFailureTest {
|
||||
return true, nil
|
||||
}
|
||||
|
||||
if testDescription == isMountFailureTest {
|
||||
return false, fmt.Errorf("mock invalid mount point")
|
||||
}
|
||||
|
||||
return true, nil
|
||||
}
|
||||
}
|
||||
|
||||
func TestNew(t *testing.T) {
|
||||
|
|
@ -305,7 +286,7 @@ func TestNodePublishVolume(t *testing.T) {
|
|||
resp, err := client.NodePublishVolume(context.Background(), req)
|
||||
requireGRPCStatusPrefix(t, err, tt.expectCode, tt.expectMsgPrefix)
|
||||
if err == nil {
|
||||
assertProtoEqual(t, &csi.NodePublishVolumeResponse{}, resp)
|
||||
assert.Equal(t, &csi.NodePublishVolumeResponse{}, resp)
|
||||
assertMounted(t, targetPath, workloadAPISocketDir)
|
||||
} else {
|
||||
assert.Nil(t, resp)
|
||||
|
|
@ -342,12 +323,7 @@ func TestNodeUnpublishVolume(t *testing.T) {
|
|||
expectMsgPrefix: "request missing required target path",
|
||||
},
|
||||
{
|
||||
desc: isMountFailureTest,
|
||||
expectCode: codes.Internal,
|
||||
expectMsgPrefix: "unable to verify mount point",
|
||||
},
|
||||
{
|
||||
desc: unmountFailureTest,
|
||||
desc: "unmount failure",
|
||||
mungeTargetPath: func(t *testing.T, targetPath string) {
|
||||
// Removing the meta file to simulate that it wasn't mounted
|
||||
require.NoError(t, os.Remove(metaPath(targetPath)))
|
||||
|
|
@ -389,14 +365,13 @@ func TestNodeUnpublishVolume(t *testing.T) {
|
|||
if tt.mutateReq != nil {
|
||||
tt.mutateReq(req)
|
||||
}
|
||||
registerTestDescription(tt.desc)
|
||||
dumpIt(t, "BEFORE", targetPathBase)
|
||||
resp, err := client.NodeUnpublishVolume(context.Background(), req)
|
||||
dumpIt(t, "AFTER", targetPathBase)
|
||||
requireGRPCStatusPrefix(t, err, tt.expectCode, tt.expectMsgPrefix)
|
||||
if err == nil {
|
||||
assertNotMounted(t, targetPath)
|
||||
assertProtoEqual(t, &csi.NodeUnpublishVolumeResponse{}, resp)
|
||||
assert.Equal(t, &csi.NodeUnpublishVolumeResponse{}, resp)
|
||||
} else {
|
||||
assert.Nil(t, resp)
|
||||
}
|
||||
|
|
@ -404,10 +379,6 @@ func TestNodeUnpublishVolume(t *testing.T) {
|
|||
}
|
||||
}
|
||||
|
||||
func registerTestDescription(desc string) {
|
||||
testDescription = desc
|
||||
}
|
||||
|
||||
func requireGRPCStatusPrefix(tb testing.TB, err error, code codes.Code, msgPrefix string, msgAndArgs ...interface{}) {
|
||||
st := status.Convert(err)
|
||||
if code != st.Code() || !strings.HasPrefix(st.Message(), msgPrefix) {
|
||||
|
|
@ -451,6 +422,9 @@ func startDriver(t *testing.T) (client, string) {
|
|||
csi.RegisterIdentityServer(s, d)
|
||||
csi.RegisterNodeServer(s, d)
|
||||
|
||||
ctx, cancel := context.WithTimeout(context.Background(), time.Minute)
|
||||
defer cancel()
|
||||
|
||||
connCh := make(chan *grpc.ClientConn, 1)
|
||||
errCh := make(chan error, 2)
|
||||
|
||||
|
|
@ -458,8 +432,10 @@ func startDriver(t *testing.T) (client, string) {
|
|||
errCh <- s.Serve(l) // failures to serve will
|
||||
}()
|
||||
go func() {
|
||||
conn, err := grpc.NewClient(l.Addr().String(),
|
||||
grpc.WithTransportCredentials(insecure.NewCredentials()))
|
||||
conn, err := grpc.DialContext(ctx, l.Addr().String(),
|
||||
grpc.WithTransportCredentials(insecure.NewCredentials()),
|
||||
grpc.FailOnNonTempDialError(true),
|
||||
grpc.WithReturnConnectionError())
|
||||
if err != nil {
|
||||
errCh <- err
|
||||
} else {
|
||||
|
|
@ -509,15 +485,9 @@ func metaPath(targetPath string) string {
|
|||
func dumpIt(t *testing.T, when, dir string) {
|
||||
t.Logf(">>>>>>>>>> DUMPING %s %s", when, dir)
|
||||
assert.NoError(t, filepath.Walk(dir, filepath.WalkFunc(
|
||||
func(path string, info fs.FileInfo, _ error) error {
|
||||
func(path string, info fs.FileInfo, err error) error {
|
||||
t.Logf("%s: %o", path, info.Mode())
|
||||
return nil
|
||||
})))
|
||||
t.Logf("<<<<<<<<<< DUMPED %s %s", when, dir)
|
||||
}
|
||||
|
||||
func assertProtoEqual[M proto.Message](t *testing.T, a, b M) {
|
||||
if diff := cmp.Diff(a, b, protocmp.Transform()); diff != "" {
|
||||
require.FailNowf(t, "Proto are not equal", "diff:\n%s\n", diff)
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -7,14 +7,18 @@ import (
|
|||
"errors"
|
||||
)
|
||||
|
||||
func bindMountRW(string, string) error {
|
||||
func bindMountRO(src, dst string) error {
|
||||
return errors.New("unsupported on this platform")
|
||||
}
|
||||
|
||||
func unmount(string) error {
|
||||
func bindMountRW(src, dst string) error {
|
||||
return errors.New("unsupported on this platform")
|
||||
}
|
||||
|
||||
func isMountPoint(string) (bool, error) {
|
||||
func unmount(path string) error {
|
||||
return errors.New("unsupported on this platform")
|
||||
}
|
||||
|
||||
func isMountPoint(mountPoint string) (bool, error) {
|
||||
return false, errors.New("unsupported on this platform")
|
||||
}
|
||||
|
|
|
|||
|
|
@ -3,3 +3,5 @@ resources:
|
|||
- spiffe-csi-driver.yaml
|
||||
- spire-server.yaml
|
||||
- spire-agent.yaml
|
||||
- spiffe-csi-test-workload-1.yaml
|
||||
- spiffe-csi-test-workload-2.yaml
|
||||
|
|
@ -29,11 +29,8 @@ spec:
|
|||
containers:
|
||||
# This is the container which runs the SPIFFE CSI driver.
|
||||
- name: spiffe-csi-driver
|
||||
# This is hardcoded to test the development image that that was
|
||||
# just built and to never pull. This should be changed in production.
|
||||
# DO NOT CHANGE THE IMAGE VERSION FOR TESTS UNLESS YOU KNOW WHAT YOU ARE DOING.
|
||||
image: ghcr.io/spiffe/spiffe-csi-driver:devel
|
||||
imagePullPolicy: Never
|
||||
image: ghcr.io/spiffe/spiffe-csi-driver:0.2.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
args: [
|
||||
"-workload-api-socket-dir", "/spire-agent-socket",
|
||||
"-csi-socket-path", "/spiffe-csi/csi.sock",
|
||||
|
|
@ -69,7 +66,7 @@ spec:
|
|||
# of all the little details required to register a CSI driver with
|
||||
# the kubelet.
|
||||
- name: node-driver-registrar
|
||||
image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.10.0
|
||||
image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.6.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
args: [
|
||||
"-csi-address", "/spiffe-csi/csi.sock",
|
||||
|
|
@ -88,6 +88,8 @@ spec:
|
|||
selector:
|
||||
matchLabels:
|
||||
app: spire-agent
|
||||
updateStrategy:
|
||||
type: RollingUpdate
|
||||
template:
|
||||
metadata:
|
||||
namespace: spire-system
|
||||
|
|
@ -105,6 +105,12 @@ data:
|
|||
trust_domain = "test"
|
||||
data_dir = "/run/spire/server/data"
|
||||
log_level = "DEBUG"
|
||||
federation {
|
||||
bundle_endpoint {
|
||||
address = "0.0.0.0"
|
||||
port = 8443
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
plugins {
|
||||
|
|
@ -1,3 +0,0 @@
|
|||
resources:
|
||||
- test-workload-1.yaml
|
||||
- test-workload-2.yaml
|
||||
99
test/run.sh
99
test/run.sh
|
|
@ -4,32 +4,18 @@ set -e -o pipefail
|
|||
|
||||
DIR="$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
|
||||
|
||||
|
||||
# Versions under test
|
||||
K8S_VERSION=${K8S_VERSION:-v1.32.2}
|
||||
KIND_VERSION=${KIND_VERSION:-v0.17.0}
|
||||
KUBECTL_VERSION=${KUBECTL_VERSION:-v1.25.3}
|
||||
|
||||
# Determine which Kind node to use for the K8s version under test. The node
|
||||
# hashes are tightly coupled to the Kind version used and they must be updated
|
||||
# together.
|
||||
KIND_VERSION=v0.27.0
|
||||
case "$K8S_VERSION" in
|
||||
v1.32.2)
|
||||
KIND_NODE="sha256:f226345927d7e348497136874b6d207e0b32cc52154ad8323129352923a3142f"
|
||||
;;
|
||||
v1.31.6)
|
||||
KIND_NODE="sha256:28b7cbb993dfe093c76641a0c95807637213c9109b761f1d422c2400e22b8e87"
|
||||
;;
|
||||
v1.30.10)
|
||||
KIND_NODE="sha256:4de75d0e82481ea846c0ed1de86328d821c1e6a6a91ac37bf804e5313670e507"
|
||||
;;
|
||||
v1.29.14)
|
||||
KIND_NODE="sha256:8703bd94ee24e51b778d5556ae310c6c0fa67d761fae6379c8e0bb480e6fea29"
|
||||
;;
|
||||
*)
|
||||
echo "no kind node available for Kind $KIND_VERSION and Kubernetes $K8S_VERSION" 1>&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
# e.g. K8S_VERSION=v1.22.4
|
||||
# https://hub.docker.com/r/kindest/node/tags
|
||||
if test -n "$K8S_VERSION"; then
|
||||
KIND_NODE="--image=kindest/node:$K8S_VERSION"
|
||||
else
|
||||
# Just use the default.
|
||||
KIND_NODE=""
|
||||
fi
|
||||
|
||||
# Export the Kind cluster name so we don't have to specify it on every kind
|
||||
# invocation
|
||||
|
|
@ -56,51 +42,17 @@ esac
|
|||
ARCH=$(uname -m)
|
||||
case "${ARCH}" in
|
||||
x86_64) ARCH=amd64 ;;
|
||||
arm64|aarch64) ARCH2=arm64 ;;
|
||||
aarch64) ARCH2=arm64 ;;
|
||||
*)
|
||||
echo "unsupported ARCH: ${ARCH}" 1>&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
||||
SUCCESS=
|
||||
|
||||
cleanup() {
|
||||
if [ -z "$SUCCESS" ]; then
|
||||
echo "================================================="
|
||||
echo "LOGS: SPIRE Server"
|
||||
echo "================================================="
|
||||
"${KUBECTL}" logs -nspire-system deployment/spire-server --all-containers=true || true
|
||||
|
||||
echo "================================================="
|
||||
echo "LOGS: SPIRE Agent"
|
||||
echo "================================================="
|
||||
"${KUBECTL}" logs -nspire-system daemonset/spire-agent --all-containers=true || true
|
||||
|
||||
echo "================================================="
|
||||
echo "LOGS: SPIFFE CSI Driver"
|
||||
echo "================================================="
|
||||
"${KUBECTL}" logs -nspire-system daemonset/spiffe-csi-driver --all-containers=true || true
|
||||
|
||||
echo "================================================="
|
||||
echo "LOGS: Test Workload 1"
|
||||
echo "================================================="
|
||||
"${KUBECTL}" logs deployment/test-workload-1 --all-containers=true || true
|
||||
|
||||
echo "================================================="
|
||||
echo "LOGS: Test Workload 2"
|
||||
echo "================================================="
|
||||
"${KUBECTL}" logs deployment/test-workload-2 --all-containers=true || true
|
||||
|
||||
fi
|
||||
|
||||
[ -n "$SKIPCLEANUP" ] || delete-cluster
|
||||
[ -n "$SKIPCLEANUP" ] || rm -rf "${TMPDIR}"
|
||||
|
||||
if [ -z "$SUCCESS" ]; then
|
||||
echo "================================================="
|
||||
echo "!!! FAILED !!!!"
|
||||
echo "================================================="
|
||||
fi
|
||||
delete-cluster
|
||||
rm -rf "${TMPDIR}"
|
||||
}
|
||||
|
||||
build-workload() {
|
||||
|
|
@ -108,7 +60,7 @@ build-workload() {
|
|||
}
|
||||
|
||||
download-kubectl() {
|
||||
local _url="https://dl.k8s.io/release/${K8S_VERSION}/bin/${OS}/${ARCH}/kubectl"
|
||||
local _url="https://dl.k8s.io/release/${KUBECTL_VERSION}/bin/${OS}/${ARCH}/kubectl"
|
||||
echo "Downloading ${_url}..."
|
||||
curl -s -Lo "${KUBECTL}" "${_url}"
|
||||
chmod +x "${KUBECTL}"
|
||||
|
|
@ -123,7 +75,7 @@ download-kind() {
|
|||
|
||||
create-cluster() {
|
||||
echo "Creating cluster..."
|
||||
"${KIND}" create cluster --image=kindest/node@$KIND_NODE --config "${DIR}/config/cluster.yaml"
|
||||
"${KIND}" create cluster $KIND_NODE --config "${DIR}/config/cluster.yaml"
|
||||
echo "Cluster created."
|
||||
"${KUBECTL}" version
|
||||
}
|
||||
|
|
@ -146,25 +98,19 @@ load-images() {
|
|||
echo "Images loaded."
|
||||
}
|
||||
|
||||
deploy-spire() {
|
||||
"${KUBECTL}" apply -k "${DIR}"/config/spire
|
||||
apply-yaml() {
|
||||
"${KUBECTL}" apply -k "${DIR}"/config
|
||||
echo "Waiting for SPIRE server rollout..."
|
||||
"${KUBECTL}" rollout status -w --timeout=1m -nspire-system deployment/spire-server
|
||||
echo "Waiting for SPIRE agent rollout..."
|
||||
"${KUBECTL}" rollout status -w --timeout=1m -nspire-system daemonset/spire-agent
|
||||
echo "Waiting for SPIFFE CSI Driver rollout..."
|
||||
"${KUBECTL}" rollout status -w --timeout=1m -nspire-system daemonset/spiffe-csi-driver
|
||||
}
|
||||
|
||||
deploy-workloads() {
|
||||
"${KUBECTL}" apply -k "${DIR}"/config/workloads
|
||||
echo "Waiting for test workload 1 rollout..."
|
||||
"${KUBECTL}" rollout status -w --timeout=1m deployment/test-workload-1
|
||||
echo "Waiting for test workload 2 rollout..."
|
||||
"${KUBECTL}" rollout status -w --timeout=1m deployment/test-workload-2
|
||||
}
|
||||
|
||||
register-workloads() {
|
||||
register-workload() {
|
||||
"${KUBECTL}" exec \
|
||||
-nspire-system \
|
||||
deployment/spire-server -- \
|
||||
|
|
@ -209,10 +155,9 @@ download-kind
|
|||
download-kubectl
|
||||
create-cluster
|
||||
load-images
|
||||
deploy-spire
|
||||
register-workloads
|
||||
deploy-workloads
|
||||
apply-yaml
|
||||
register-workload
|
||||
check-workload-status "test-workload-1"
|
||||
check-workload-status "test-workload-2"
|
||||
SUCCESS=1
|
||||
"${KUBECTL}" logs -nspire-system daemonset/spiffe-csi-driver -c spiffe-csi-driver
|
||||
echo "Done."
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
FROM golang:1.24.0-alpine
|
||||
FROM golang:1.17-alpine
|
||||
|
||||
WORKDIR /app
|
||||
|
||||
|
|
|
|||
|
|
@ -1,18 +1,21 @@
|
|||
module workload
|
||||
|
||||
go 1.24.0
|
||||
go 1.17
|
||||
|
||||
require github.com/spiffe/go-spiffe/v2 v2.5.0
|
||||
require github.com/spiffe/go-spiffe/v2 v2.1.2
|
||||
|
||||
require (
|
||||
github.com/Microsoft/go-winio v0.6.2 // indirect
|
||||
github.com/go-jose/go-jose/v4 v4.0.4 // indirect
|
||||
github.com/zeebo/errs v1.4.0 // indirect
|
||||
golang.org/x/crypto v0.31.0 // indirect
|
||||
golang.org/x/net v0.33.0 // indirect
|
||||
golang.org/x/sys v0.28.0 // indirect
|
||||
golang.org/x/text v0.21.0 // indirect
|
||||
google.golang.org/genproto/googleapis/rpc v0.0.0-20241202173237-19429a94021a // indirect
|
||||
google.golang.org/grpc v1.70.0 // indirect
|
||||
google.golang.org/protobuf v1.36.1 // indirect
|
||||
github.com/Microsoft/go-winio v0.6.0 // indirect
|
||||
github.com/golang/protobuf v1.5.2 // indirect
|
||||
github.com/zeebo/errs v1.3.0 // indirect
|
||||
golang.org/x/crypto v0.5.0 // indirect
|
||||
golang.org/x/mod v0.7.0 // indirect
|
||||
golang.org/x/net v0.5.0 // indirect
|
||||
golang.org/x/sys v0.4.0 // indirect
|
||||
golang.org/x/text v0.6.0 // indirect
|
||||
golang.org/x/tools v0.5.0 // indirect
|
||||
google.golang.org/genproto v0.0.0-20230109162033-3c3c17ce83e6 // indirect
|
||||
google.golang.org/grpc v1.51.0 // indirect
|
||||
google.golang.org/protobuf v1.28.1 // indirect
|
||||
gopkg.in/square/go-jose.v2 v2.6.0 // indirect
|
||||
)
|
||||
|
|
|
|||
1121
test/workload/go.sum
1121
test/workload/go.sum
File diff suppressed because it is too large
Load Diff
Loading…
Reference in New Issue